:doc:`IAMRolesAnywhere <../../rolesanywhere>` / Client / enable_profile

**************
enable_profile
**************



.. py:method:: IAMRolesAnywhere.Client.enable_profile(**kwargs)

  

  Enables temporary credential requests for a profile.

   

  **Required permissions:** ``rolesanywhere:EnableProfile``.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/EnableProfile>`_  


  **Request Syntax**
  ::

    response = client.enable_profile(
        profileId='string'
    )
    
  :type profileId: string
  :param profileId: **[REQUIRED]** 

    The unique identifier of the profile.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'profile': {
              'profileId': 'string',
              'profileArn': 'string',
              'name': 'string',
              'requireInstanceProperties': True|False,
              'enabled': True|False,
              'createdBy': 'string',
              'sessionPolicy': 'string',
              'roleArns': [
                  'string',
              ],
              'managedPolicyArns': [
                  'string',
              ],
              'createdAt': datetime(2015, 1, 1),
              'updatedAt': datetime(2015, 1, 1),
              'durationSeconds': 123,
              'acceptRoleSessionName': True|False,
              'attributeMappings': [
                  {
                      'certificateField': 'x509Subject'|'x509Issuer'|'x509SAN',
                      'mappingRules': [
                          {
                              'specifier': 'string'
                          },
                      ]
                  },
              ]
          }
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **profile** *(dict) --* 

        The state of the profile after a read or write operation.

        
        

        - **profileId** *(string) --* 

          The unique identifier of the profile.

          
        

        - **profileArn** *(string) --* 

          The ARN of the profile.

          
        

        - **name** *(string) --* 

          The name of the profile.

          
        

        - **requireInstanceProperties** *(boolean) --* 

          Unused, saved for future use. Will likely specify whether instance properties are required in temporary credential requests with this profile.

          
        

        - **enabled** *(boolean) --* 

          Indicates whether the profile is enabled.

          
        

        - **createdBy** *(string) --* 

          The Amazon Web Services account that created the profile.

          
        

        - **sessionPolicy** *(string) --* 

          A session policy that applies to the trust boundary of the vended session credentials.

          
        

        - **roleArns** *(list) --* 

          A list of IAM roles that this profile can assume in a temporary credential request.

          
          

          - *(string) --* 
      
        

        - **managedPolicyArns** *(list) --* 

          A list of managed policy ARNs that apply to the vended session credentials.

          
          

          - *(string) --* 
      
        

        - **createdAt** *(datetime) --* 

          The ISO-8601 timestamp when the profile was created.

          
        

        - **updatedAt** *(datetime) --* 

          The ISO-8601 timestamp when the profile was last updated.

          
        

        - **durationSeconds** *(integer) --* 

          Used to determine how long sessions vended using this profile are valid for. See the ``Expiration`` section of the `CreateSession API documentation <https://docs.aws.amazon.com/rolesanywhere/latest/userguide/authentication-create-session.html#credentials-object>`__ page for more details. In requests, if this value is not provided, the default value will be 3600.

          
        

        - **acceptRoleSessionName** *(boolean) --* 

          Used to determine if a custom role session name will be accepted in a temporary credential request.

          
        

        - **attributeMappings** *(list) --* 

          A mapping applied to the authenticating end-entity certificate.

          
          

          - *(dict) --* 

            A mapping applied to the authenticating end-entity certificate.

            
            

            - **certificateField** *(string) --* 

              Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.

              
            

            - **mappingRules** *(list) --* 

              A list of mapping entries for every supported specifier or sub-field.

              
              

              - *(dict) --* 

                A single mapping entry for each supported specifier or sub-field.

                
                

                - **specifier** *(string) --* 

                  Specifier within a certificate field, such as CN, OU, or UID from the Subject field.

                  
            
          
        
      
    
  
  **Exceptions**
  
  *   :py:class:`IAMRolesAnywhere.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`IAMRolesAnywhere.Client.exceptions.AccessDeniedException`

  